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DETAILED ACTION 

1. Claims 1-11 and 13-28 have been examined. 

Claim Rejections - 35 USC §102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

2. Claims Ml, 13, and 19-28 are rejected under 35 U.S.C. 102(e) as being clearly 
anticipated by Pitchenik et al. U.S. Pat. No. 6397328 (hereinafter Pitchenik). 

3. As per claim 1, Pitchenik discloses a method of authenticating conq)uting devices on a 
communications network comprising the steps of : receiving a first challenge from a conq)uting 
device, wherein said first challenge comprises an encrypted first random number and a unique 
identifier associated with said conqDuting device (Pitchenik; column 2 line 40 - column 3 line 28; 
column 4 lines 32 - 67); obtaining a first secret cryptographic key associated with said unique 
identifier (Pitchenik: column 2 line 40 - column 3 line 28; column 4 lines 32 - 67); generating a 
second random number (Pitchenik: column 2 hne 40 - column 3 line 28; column 4 lines 32 - 
67); decrypting said first random number with said first secret cryptographic key (Pitchenik: 
column 2 line 40 - column 3 line 28; column 4 lines 32 - 67); encrypting said second random 
number with said first secret cryptographic key (Pitchenik: column 2 line 40 - column 3 line 28; 
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column 4 lines 32 - 67); and transmitting a second challenge to said con^Duting device, wherein 
said second challenge comprises said encrypted said second random number (Pitchenik: column 
2 Une 40 - column 3 line 28; column 4 lines 32 - 67). 

4. As per claim 19, Pitchenik discloses a method of authenticating confuting devices on a 
communications network comprising the steps of: receiving a first challenge from a computing 
device, wherein said first challenge con5)rises a first random number and a unique identifier 
associated with said first secret cryptographic key (Pitchenik: column 2 line 34 - column 3 line 
3); and transmitting a second challenge to said computing device, wherein said second challenge 
comprises said encrypted first random number and said second random number (Pitchenik: 
column 2 line 34 - column 3 line 3). 

5. As per claim 2 and 20, Pitchenik discloses the method of claims 1 and 19 respectively. 
Pitchenik fiirther discloses wherein said unique identifier is a serial number of a physical token 
installed at said computing device (Pitchenik: colunm 3 line 60 - column 4 line 10: the 
identification number and associated key within the device). 

6. As per claim 3 and 21 , Pitchenik discloses the method of claims 2 and 20 respectively. 
Pitchenik fiirther discloses wherein said step of obtaining a first secret cryptographic key 
comprises the step of retrieving a pre-stored record associated with said serial number, wherein 
said record comprises said first secret cryptographic key (Pitchenik: column 2 hne 40 - column 3 
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line 28; column 4 lines 32 - 67; column 3 line 60 
device and the host PC respectively). 
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- column 4 line 10: the keys are stored in the 



7. As per claim 4 and 22, Pitchenik discloses the method of claims 3 and 21 respectively. 
Pitchenik further discloses wherein said step of obtaining a first secret cryptographic key 
comprises the step of receiving a key database file comprising a number of records, wherein each 
record is associated with a unique physical key token and comprises a unique secret 
cryptographic key and a unique serial number (Pitchenik: column 2 line 40 - column 3 line 28; 
column 4 lines 32 - 67; column 3 line 60 - column 4 line 10: the keys are stored in the device 
and the host PC respectively). 

8. As per claim 5 and 23, Pitchenik discloses the method of claims 4 and 22 respectively. 
Pitchenik further discloses wherein said unique secret cryptographic key is created fi-om a 
random number generated at initialization of said token (Pitchenik: column 3 hne 60 - column 4 
line 24). 

9. As per claim 6 and 24, Pitchenik discloses the method of claims 1 and 19 respectively. 
Pitchenik further discloses the method comprising the steps of decrypting said first challenge 
with a network receive cryptographic key; and encrypting said second challenge with a network 
send cryptographic key (Pitchenik: column 2 line 40 - column 3 line 28; column 4 lines 32 - 67; 
column 3 line 60 - column 4 line 10: the key pair). 
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10. As per claim 7, Pitchenik discloses the method of claim 3. Pitchenik further discloses 
wherein said step of decrypting said encrypted first random number results in a first value, and 
further comprising the step of disallowing said computing device to communicate with other 
computing devices on said network if said first value is a null value (Pitchenik: column 4 line 33 

- column 5 line 4: the authentication technique can be applied to both parties). 

11. As per claim 8, Pitchenik discloses the method of claim 7. Pitchenik further discloses 
wherein allowing said computing device to communicate with other computing devices on said 
network if said first value is not a null value (Pitchenik: column 4 line 33 - column 5 line 4: the 
authentication technique can be appUed to both parties). 

12. As per claim 9, Pitchenik discloses the method of claim 7. Pitchenik further discloses the 
method comprising the step of decrypting said second challenge with a network receive 
cryptographic key (Pitchenik: Pitchenik: column 2 line 40 - column 3 line 28; column 4 lines 32 

- 67; column 3 line 60 - column 4 line 10: the key pair). 

13. As per claim 10, Pitchenik discloses the method of claim 8. Pitchenik further discloses 
the method comprising the step of decrypting said encrypted second random number with a 
second secret cryptographic key (Pitchenik: column 2 line 40 - column 3 Hne 28; column 4 lines 
32 - 67; column 3 line 60 - column 4 line 10). 
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14. As per claim 1 1, Pitchenik discloses the method of claim 10. Pitchenik further discloses 
wherein said second secret cryptographic key is stored within said physical token (Pitchenik: 
column 2 line 40 - column 3 line 28; column 4 hues 32 - 67; column 3 line 60 - column 4 line 
10). 

15. As per claim 13, Pitchenik discloses a communications system comprising: a number of 
computing devices, and at least one authentication device, wherein each cHent device or 
authentication device includes a unique tamper-resistant physical token comprising a random 
number generator, a unique secret cryptographic key, and a unique serial number (Pitchenik: 
column 2 line 40 - column 3 line 28; column 4 lines 32 - 67; column 3 line 60 - column 4 line 
10). 

16. As per claim 25, Pitchenik discloses the method of claim 21 . Pitchenik further discloses 
the method con5)rising the steps of: receiving a third challenge from said computing device, 
wherein said third challenge comprises said second random number encrypted with a second 
secret cryptographic key (Pitchenik: column 2 line 34 - column 3 line 29); decrypting said 
encrypted second random number with said first secret cryptographic key (Pitchenik: column 2 
line 34 - column 3 line 29); and comparing said decrypted second random number to said second 
random number to determine if a match exists (Pitchenik: column 2 line 34 - column 3 line 29). 



17. As per claim 26, Pitchenik discloses the method of claim 25. Pitchenik further discloses 
wherein if a match exists between said decrypted second random number and said second 
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random number, allowing said computing device to communicate with other computing device 
on said network, otherwise if a match does not exist, disallowing said computing device to 
communicate with other conqjuting devices on said network (Pitchenik: column 2 line 34 - 
column 3 line 29). 

18. As per claim 27, Pitchenik discloses the method of claim 25. Pitchenik further discloses 
the method comprising the step of decrypting said third challenge with a network receive 
cryptographic key (Pitchenik: column 2 line 34 - column 3 line 29). 

19. As per claim 28, Pitchenik discloses the method of claim 25. Pitchenik further discloses 
wherein said second secret cryptographic key is stored within said physical token (Pitchenik: 
column 2 line 34 - column 3 line 29 and column 3 line 60 - column 4 line 10). 

Claim Rejections - 35 USC§103 

20. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

21. Claims 14-16, and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Pitchenik in view of KimuraU.S. Pub. No. 20010048744 (hereinafter Kimura). 
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22. As per claim 14, Pitchenik discloses the system of claim 13. Pitchenik does not explicitly 
disclose wherein each client device or authentication device further includes a wireless 
communications transceiver to communicate on a wireless network. However, it would have 
been obvious to one having ordinary skill in the art to apply the authentication method to any 
communication environment including wireless network. Alternatively, Kimura discloses access 
point authentication method and applying challenge response and random numbers to 
authenticate mobile terminals within wireless LAN that complies with IEEE 802. 1 1 (Kimura: 
[0038]-[0040]). It would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to apply the authentication technique to any communication system. 
Therefore, it would have been obvious to one having ordinary skill in the art at the time of 
applicant's invention to combine the teachings of Kimura within the system of Pitchenik because 
it prevents unauthorized access from mobile stations of malicious intruders in a radio-based 
wireless LAN network. 

23. As per claim 15, Pitchenik as modified discloses the system of claim 14. Pitchenik as 
modified further discloses wherein said wireless network is Wi-Fi network (Kimura: figure 5 and 
[0004], [0035]-[0040]). 

24. As per claim 16, Pitchenik as modified discloses the system of claim 15. Pitchenik as 
modified further discloses wherein said authentication device is an access point (Kimura: [0039]- 
[0040] and figure 2). 
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25. As per claim 18, Pitchenik as modified discloses the system of claim 16. Pitchenik as 
modified further discloses wherein said access point includes a database file comprising said 
serial numbers and secret cryptographic keys associated with said tokens (Pitchenik: column 3 
line 60 - column 4 line 10; Kimura: [0004], [0035]-[0040]). 

26. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over Pitchenik in view 
of Kimura and further in view of Shteyn U.S. Pub. No. 20040203590 (hereinafter Shteyn). 

27. As per claim 17, Pitchenik as modified discloses the system of claim 13. Pitchenik as 
modified does not expUcitly disclose wherein each tamper-resistant physical token is installed 
via a USB interface. However, Shteyn discloses using a dongle installed via a USB to secvu-e 
communications in a wireless network (Shteyn: [0027]). It would have been obvious to one 
having ordinary skill in the art to store identifications information and cryptographic key into the 
hardware key while authentication takes place between a mobile terminal and an access point. 
Therefore, it would have been obvious to one having ordinary skill in the art at the time of 
appUcant's invention to combine the teachings of Shteyn within the combination of Pitchenik- 
Kimura because dongle is well known in the art for providing security parameters within 
network. 

Response to Arguments 

28. Applicant's arguments filed on 3/23/05 have been fully considered but they are not 
persuasive. 
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As per claim 1 and 19, applicant argues that the Pitchenik reference does not disclose 
generating a second random number. However, Pitchenik discloses that sending a second 
encrypted message to the PSD (Pitchenik: column 4 hnes 35-59: the second encrypted message). 
The second random number is generated by decrypting the first encrypted message. Therefore, 
applicant's argument is respectfiiUy traversed. 

As per claim 13, appUcant argues that Pitchenik reference does not disclose a tamper 
resistant physical token. However, Pitchenik discloses that the cryptographic key and unique ID 
are stored within the postage security device, which is a tamper resistant device. Therefore, the 
tamper resistant physical token is included in the postage security device ready for 
authentication. Also, Shteyn reference discloses using a dongle for authentication purposes, the 
combination of Shteyn within the system of Pitchenik would produce a hardware key with the 
features discloses by Pitchenik. 

Conclusion 

29. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
poUcy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, wUl the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789, The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pnL 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for pubhshed apphcations 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Shin-Hon Chen 
Examiner 
Art Unit 2131 
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